Goshen Medical Center Data Breach Investigation

On February 15, 2025, Goshen Medical Center, a healthcare practice with 50+ locations across North Carolina, experienced a ransomware attack to its internal databases. The attack, which was claimed by Russian cyber-criminal group BianLain, was not discovered until September 12, 2025, and has affected the personally identifiable information (PII) and personal health information (PHI) of at least 456,385 current/former patients. The PII and PHI affected in the breach includes but is not limited to name, date of birth, social security number, driver’s license numbers, financial data, and medical record information. Goshen Medical Center began mailing written notifications to victims of the attack on September 17, 2025, potentially too late to protect sensitive information. If you or someone you know receives a notification letter about the data breach and would like additional information about your legal rights, you can contact Goldenberg Schneider, LPA by calling 513-982-1569, sending an email to [email protected] or completing the “Contact Us” form to the right.